security analysis asks two times for password
This seems quite senseless to me: Asking twice for a password is a security measure when setting passwords, to avoid users locking them selves out by mistyping a new password. In this case, this is unnecessary, since nothing bad happens when mistyping. I'd expect a typical "wrong password" message and can try again.
Another thing slightly bothering: the repition field only appears after typing in the first field.